When in development, it's probably fine to supply Sequin with an existing user.

However, when in production, you should create a dedicated user for Sequin. The user needs the following permissions:

1. `connect` permission on the database.
2. `select` permission on all the tables you want to connect to Sequin.
3. `replication` permission to read from replication slots.

Here's how to create a dedicated user with the minimum required permissions:

```sql
-- Create user with a secure password
create user sequin_user with password 'REPLACE_WITH_SECURE_PASSWORD';

-- Grant connect permission
grant connect on database your_database to sequin_user;

-- Grant select permission on tables you want to replicate
grant select on table table1, table2, table3 to sequin_user;
-- OR grant select on all tables in a schema
grant select on all tables in schema public to sequin_user;

-- Grant replication permission
alter user sequin_user with replication;
```

To generate a secure password, if you have OpenSSL installed, you can use the following command:

```bash
openssl rand -base64 32
```